magnum/magnum/drivers/heat/k8s_template_def.py


# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_config import cfg
from oslo_utils import uuidutils
from magnum.common import exception
from magnum.common import keystone
from magnum.common import neutron
from magnum.drivers.heat import template_def
CONF = cfg.CONF

# Kubernetes API server ports, kept as strings because they are interpolated
# into the API address URL built by K8sApiAddressOutputMapping.
# 6443 is used with "https"; 8080 is used with plain "http" and is only
# advertised when the cluster template has tls_disabled set.
KUBE_SECURE_PORT = "6443"
KUBE_INSECURE_PORT = "8080"
class K8sApiAddressOutputMapping(template_def.OutputMapping):
    """Turn the stack's API address output into a full URL on the cluster."""

    def set_output(self, stack, cluster_template, cluster):
        """Store ``<scheme>://<address>:<port>`` in ``self.cluster_attr``.

        Nothing is written when the mapping has no cluster attribute or
        when the stack has no value for the output.

        :param stack: Heat stack passed to ``get_output_value``.
        :param cluster_template: template whose ``tls_disabled`` flag
            selects the scheme and port.
        :param cluster: object that receives the URL via ``setattr``.
        """
        if self.cluster_attr is None:
            return

        address = self.get_output_value(stack)
        if address is None:
            return

        # TODO(yuanying): port number is hardcoded, this will be fixed
        scheme, api_port = 'https', KUBE_SECURE_PORT
        if cluster_template.tls_disabled:
            # NOTE(review): with TLS disabled the advertised endpoint is
            # plaintext HTTP, so credentials and API traffic are exposed
            # on the wire. If this port maps to kube-apiserver's insecure
            # port, requests there also skip authentication and
            # authorization -- confirm against the Heat template and
            # restrict network access to it.
            scheme, api_port = 'http', KUBE_INSECURE_PORT

        # NOTE(review): the address is interpolated as-is; an IPv6
        # literal would need brackets to form a valid URL -- confirm the
        # stack output is always an IPv4 address or a hostname.
        url_parts = {
            'protocol': scheme,
            'address': address,
            'port': api_port,
        }
        api_url = "%(protocol)s://%(address)s:%(port)s" % url_parts
        setattr(cluster, self.cluster_attr, api_url)
class ServerAddressOutputMapping(template_def.NodeGroupOutputMapping):
    """Node-group address mapping that picks public or private IPs.

    Subclasses supply the two Heat output keys; the public one is the
    default and the private one is used when floating IPs are disabled.
    """

    # Heat output keys; both are None here and set by the subclasses.
    public_ip_output_key = None
    private_ip_output_key = None

    def __init__(self, dummy_arg, nodegroup_attr=None, nodegroup_uuid=None):
        """Initialise the mapping without calling the base initialiser.

        :param dummy_arg: accepted but never read in this method.
        :param nodegroup_attr: node group attribute to populate.
        :param nodegroup_uuid: UUID of the node group to populate.
        """
        self.is_stack_param = False
        self.heat_output = self.public_ip_output_key
        self.nodegroup_uuid = nodegroup_uuid
        self.nodegroup_attr = nodegroup_attr

    def set_output(self, stack, cluster_template, cluster):
        """Select the output key, then delegate to the parent mapping."""
        floating_ips = cluster_template.floating_ip_enabled
        if not floating_ips:
            # No floating IPs: read the private address list instead.
            self.heat_output = self.private_ip_output_key

        # NOTE(review): LOG is not defined in the part of the module
        # shown here; a module-level logger is assumed -- confirm.
        # Only the output key name is logged, not the addresses.
        LOG.debug("Using heat_output: %s", self.heat_output)
        parent = super(ServerAddressOutputMapping, self)
        parent.set_output(stack, cluster_template, cluster)
class MasterAddressOutputMapping(ServerAddressOutputMapping):
    """Address mapping bound to the ``kube_masters*`` Heat outputs."""

    private_ip_output_key = 'kube_masters_private'
    public_ip_output_key = 'kube_masters'
class NodeAddressOutputMapping(ServerAddressOutputMapping):
    """Address mapping bound to the ``kube_minions*`` Heat outputs."""

    private_ip_output_key = 'kube_minions_private'
    public_ip_output_key = 'kube_minions'
class K8sTemplateDefinition(template_def.BaseTemplateDefinition):
    """Base Kubernetes template.

    Registers the Heat parameters and outputs for a Kubernetes cluster
    and assembles the extra parameters handed to the stack.
    """

    def __init__(self):
        """Register the cluster-level Heat parameters and outputs."""
        super(K8sTemplateDefinition, self).__init__()

        # (Heat parameter name, keyword arguments for add_parameter),
        # registered in exactly this order.
        template_params = (
            ('external_network',
             {'cluster_template_attr': 'external_network_id',
              'required': True}),
            ('fixed_network', {'cluster_template_attr': 'fixed_network'}),
            ('fixed_subnet', {'cluster_template_attr': 'fixed_subnet'}),
            ('network_driver', {'cluster_template_attr': 'network_driver'}),
            ('volume_driver', {'cluster_template_attr': 'volume_driver'}),
            ('tls_disabled',
             {'cluster_template_attr': 'tls_disabled', 'required': True}),
            ('registry_enabled',
             {'cluster_template_attr': 'registry_enabled'}),
            ('cluster_uuid', {'cluster_attr': 'uuid', 'param_type': str}),
            ('insecure_registry_url',
             {'cluster_template_attr': 'insecure_registry'}),
            ('kube_version', {'cluster_attr': 'coe_version'}),
        )
        for heat_param, mapping in template_params:
            self.add_parameter(heat_param, **mapping)

        self.add_output('api_address',
                        cluster_attr='api_address',
                        mapping_type=K8sApiAddressOutputMapping)
        # The private address lists are registered without a cluster
        # attribute; get_scale_params reads 'kube_minions_private'.
        for private_output in ('kube_minions_private',
                               'kube_masters_private'):
            self.add_output(private_output, cluster_attr=None)

        self.add_parameter('docker_volume_size',
                           cluster_attr='docker_volume_size')
        self.add_parameter('docker_storage_driver',
                           cluster_template_attr='docker_storage_driver')

    def add_nodegroup_params(self, cluster):
        """Register node count and flavor for the default node groups."""
        super(K8sTemplateDefinition, self).add_nodegroup_params(cluster)

        worker_uuid = cluster.default_ng_worker.uuid
        master_uuid = cluster.default_ng_master.uuid
        # (Heat parameter name, node group attribute, node group UUID)
        nodegroup_params = (
            ('number_of_minions', 'node_count', worker_uuid),
            ('minion_flavor', 'flavor_id', worker_uuid),
            ('master_flavor', 'flavor_id', master_uuid),
        )
        for heat_param, attr, ng_uuid in nodegroup_params:
            self.add_parameter(
                heat_param,
                nodegroup_attr=attr,
                nodegroup_uuid=ng_uuid,
                param_class=template_def.NodeGroupParameterMapping)

    def update_outputs(self, stack, cluster_template, cluster):
        """Register the node-group outputs, then run the base update."""
        master_uuid = cluster.default_ng_master.uuid
        worker_uuid = cluster.default_ng_worker.uuid

        address_outputs = (
            ('kube_masters', master_uuid, MasterAddressOutputMapping),
            ('kube_minions', worker_uuid, NodeAddressOutputMapping),
        )
        for heat_output, ng_uuid, mapping in address_outputs:
            self.add_output(heat_output,
                            nodegroup_attr='node_addresses',
                            nodegroup_uuid=ng_uuid,
                            mapping_type=mapping)
        self.add_output('number_of_minions',
                        nodegroup_attr='node_count',
                        nodegroup_uuid=worker_uuid,
                        is_stack_param=True,
                        mapping_type=template_def.NodeGroupOutputMapping)

        parent = super(K8sTemplateDefinition, self)
        parent.update_outputs(stack, cluster_template, cluster)

    def get_params(self, context, cluster_template, cluster, **kwargs):
        """Build the extra Heat parameters and delegate to the base class.

        :param context: request context; supplies ``user_name`` and is
            used for the OpenStack clients and the Neutron lookup.
        :param cluster_template: cluster template being deployed.
        :param cluster: cluster whose labels feed most parameters.
        :param kwargs: may carry ``extra_params``, a dict that is
            extended in place; the rest is passed to the base class.
        :raises exception.InvalidParameterValue: if the
            ``ingress_controller`` label is ``octavia`` while
            ``keystone.is_octavia_enabled()`` is false.
        :returns: whatever the base ``get_params`` returns.
        """
        params = kwargs.pop('extra_params', {})
        labels = cluster.labels

        params['username'] = context.user_name
        params['region_name'] = self.get_osc(context).cinder_region_name()

        # The label wins; the configured default applies only when the
        # label is absent.
        params['docker_volume_type'] = labels.get(
            'docker_volume_type', CONF.cinder.default_docker_volume_type)
        params['nodes_affinity_policy'] = CONF.cluster.nodes_affinity_policy

        driver = cluster_template.network_driver
        if driver == 'flannel':
            params["pods_network_cidr"] = labels.get(
                'flannel_network_cidr', '10.100.0.0/16')
        elif driver == 'calico':
            params["pods_network_cidr"] = labels.get(
                'calico_ipv4pool', '192.168.0.0/16')

        # May add the decrypted cluster CA key to params; see the
        # method's own notes on how that value should be handled.
        self._set_cert_manager_params(cluster, params)

        params['discovery_url'] = self.get_discovery_url(
            cluster, cluster_template=cluster_template)
        params['magnum_url'] = self.get_osc(context).magnum_url()

        if cluster_template.tls_disabled:
            # NOTE(review): this switches the load balancer and API to
            # plaintext HTTP on port 8080; treat such clusters as
            # reachable only from trusted networks.
            params['loadbalancing_protocol'] = 'HTTP'
            params['kubernetes_port'] = 8080

        params['octavia_enabled'] = keystone.is_octavia_enabled()

        # NOTE(lxkong): Convert the external network name to a UUID; the
        # template field name is confusing. If external_network_id is
        # not set in the cluster template, 'public' is used, which
        # matches the previous Heat template default.
        ext_net = cluster_template.external_network_id or "public"
        if uuidutils.is_uuid_like(ext_net):
            params['external_network'] = ext_net
        else:
            params['external_network'] = neutron.get_network_id(
                context, ext_net)

        # NOTE(review): these label values are copied into the Heat
        # parameters without validation in this method. The *_options
        # labels are free-form strings and grafana_admin_passwd is, by
        # its name, a credential -- check how the template consumes
        # them and make sure the parameter dict is never logged.
        forwarded_labels = (
            'flannel_network_cidr', 'flannel_backend',
            'flannel_network_subnetlen',
            'system_pods_initial_delay',
            'system_pods_timeout',
            'admission_control_list',
            'prometheus_monitoring',
            'grafana_admin_passwd',
            'kube_dashboard_enabled',
            'etcd_volume_size',
            'cert_manager_api',
            'ingress_controller_role',
            'octavia_ingress_controller_tag',
            'kubelet_options',
            'kubeapi_options',
            'kubeproxy_options',
            'kubecontroller_options',
            'kubescheduler_options',
            'influx_grafana_dashboard_enabled',
        )
        params.update((name, labels.get(name)) for name in forwarded_labels)

        ingress_controller = labels.get('ingress_controller', '').lower()
        wants_octavia = ingress_controller == 'octavia'
        if wants_octavia and not params['octavia_enabled']:
            raise exception.InvalidParameterValue(
                'Octavia service needs to be deployed for octavia ingress '
                'controller.')
        params["ingress_controller"] = ingress_controller

        service_ip_range = labels.get('service_cluster_ip_range')
        if service_ip_range:
            params['portal_network_cidr'] = service_ip_range

        if cluster_template.registry_enabled:
            registry_conf = CONF.docker_registry
            params['swift_region'] = registry_conf.swift_region
            params['registry_container'] = (
                registry_conf.swift_registry_container)

        # A cluster-level kube_tag overrides the template-level one.
        kube_tag = (labels.get("kube_tag") or
                    cluster_template.labels.get("kube_tag"))
        if kube_tag:
            params['kube_version'] = kube_tag

        parent = super(K8sTemplateDefinition, self)
        return parent.get_params(context, cluster_template, cluster,
                                 extra_params=params, **kwargs)

    def _set_cert_manager_params(self, cluster, extra_params):
        """Add cert-manager settings when ``cert_manager_api`` is truthy.

        When the label parses as true, the label value and the decrypted
        cluster CA private key (newlines replaced by a literal ``\\n``)
        are written into ``extra_params``.

        NOTE(review): ``ca_key`` is the CA private key in plaintext.
        Anything that stores or logs ``extra_params`` exposes it, so the
        Heat parameter should be declared hidden -- confirm in the
        template, which is not visible here.

        NOTE(review): strutils, cert_manager, six and x509 are not
        imported in the part of the module shown here -- confirm.
        """
        cert_manager_api = cluster.labels.get('cert_manager_api')
        if not strutils.bool_from_string(cert_manager_api):
            return

        extra_params['cert_manager_api'] = cert_manager_api
        ca_cert = cert_manager.get_cluster_ca_certificate(cluster)

        text_passphrase = six.PY3 and isinstance(
            ca_cert.get_private_key_passphrase(), six.text_type)
        if text_passphrase:
            # Python 3 with a text passphrase: encode it for decryption
            # and decode the resulting key back to text.
            pem = x509.decrypt_key(
                ca_cert.get_private_key(),
                ca_cert.get_private_key_passphrase().encode()
            ).decode()
        else:
            # NOTE(review): the result is used as returned; if
            # decrypt_key yields bytes on Python 3 the replace() below
            # would fail -- confirm against x509.decrypt_key.
            pem = x509.decrypt_key(
                ca_cert.get_private_key(),
                ca_cert.get_private_key_passphrase())
        extra_params['ca_key'] = pem.replace("\n", "\\n")

    def get_scale_params(self, context, cluster, scale_manager=None,
                         nodes_to_remove=None):
        """Return the parameters for a scale operation.

        ``nodes_to_remove`` is used as given; when a ``scale_manager``
        is supplied its removal list replaces that value. ``context``
        and ``cluster`` are not read here.
        """
        params = {}
        if nodes_to_remove:
            params['minions_to_remove'] = nodes_to_remove
        if scale_manager:
            private_hosts = self.get_output('kube_minions_private')
            params['minions_to_remove'] = (
                scale_manager.get_removal_nodes(private_hosts))
        return params

    def get_env_files(self, cluster_template, cluster):
        """Collect the Heat environment files for this cluster.

        Each ``template_def`` helper receives the same list and is
        called in a fixed order.
        """
        files = []
        template_def.add_priv_net_env_file(files, cluster_template)
        template_def.add_etcd_volume_env_file(files, cluster_template)
        template_def.add_volume_env_file(files, cluster)
        template_def.add_lb_env_file(files, cluster_template)
        template_def.add_fip_env_file(files, cluster_template, cluster)
        return files